Lucene search

K
osvGoogleOSV:GHSA-FGWP-PWQQ-G3W4
HistoryJan 12, 2023 - 6:30 p.m.

Bloom Uncontrolled Search Path Element vulnerability

2023-01-1218:30:28
Google
osv.dev
6
github
vulnerability
bloom
repository
software

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.8%

Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.8%

Related for OSV:GHSA-FGWP-PWQQ-G3W4